www.skycastle.com.tw Open in urlscan Pro
2606:4700:30::681c:1461 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hm-gov-university-cam-uk.mgifinc.com/
Effective URL:
https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&ap...
Submission: On January 07 via manual (January 7th 2020, 3:04:07 pm UTC) from GB

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 22 HTTP transactions. The main IP is 2606:4700:30::681c:1461, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.skycastle.com.tw.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 11th 2019. Valid for: a year.

This is the only time www.skycastle.com.tw was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UK Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
22	2606:4700:30:... 2606:4700:30::681c:1461	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
22	1

1 184.168.131.241 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

hm-gov-university-cam-uk.mgifinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:30::681c:1461 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.skycastle.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	skycastle.com.tw www.skycastle.com.tw	236 KB
1	mgifinc.com 1 redirects hm-gov-university-cam-uk.mgifinc.com	267 B
22	2

	Domain	Requested by
22	www.skycastle.com.tw	www.skycastle.com.tw
1	hm-gov-university-cam-uk.mgifinc.com	1 redirects
22	2

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-11` - `2020-09-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
Frame ID: B8044010B0F63E708C2AC9D4254EA8AC
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hm-gov-university-cam-uk.mgifinc.com/ HTTP 301
https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/ Page URL
https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

22
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

236 kB
Transfer

628 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hm-gov-university-cam-uk.mgifinc.com/ HTTP 301
https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/ Page URL
https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hm-gov-university-cam-uk.mgifinc.com/ HTTP 301
https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/
Redirect Chain

http://hm-gov-university-cam-uk.mgifinc.com/
https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/

1 KB
905 B

2074ms
1803ms

Document
text/html

2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / PHP/7.3.9

Resource Hash

933592cc902098039cc6ce6f99365657e30e5dcca0f154f33d9cacdccfb896f5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.skycastle.com.tw
:scheme: https
:path: /wp-content/plugins/apikey/hm-services-acc-uni/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Tue, 07 Jan 2020 15:03:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbca46057eb25cf05fa5d78cdb40b56371578409429; expires=Thu, 06-Feb-20 15:03:49 GMT; path=/; domain=.skycastle.com.tw; HttpOnly; SameSite=Lax; Secure PHPSESSID=ilvc9ov5ov0kr2513kkanajg88; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.3.9
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5516d2188e8d63ad-FRA
content-encoding: br

Redirect headers

Server: nginx/1.12.2
Date: Tue, 07 Jan 2020 15:03:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Location: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/

GET
H2 200 close.png
www.skycastle.com.tw/bitnami/images/ 2 KB
2 KB 12ms
11ms Image
image/png 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.skycastle.com.tw/bitnami/images/close.png

Requested by

Host: www.skycastle.com.tw
URL: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a956724625713474238f82aac8e595f9159987cef6467f9e92f9635b97d5c928

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2019 14:01:55 GMT
server: cloudflare
age: 7111
etag: "5d6537d3-810"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5516d223debf63ad-FRA
content-length: 2064

GET
H2 200 corner-logo.png
www.skycastle.com.tw/bitnami/images/ 26 KB
26 KB 17ms
17ms Image
image/png 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.skycastle.com.tw/bitnami/images/corner-logo.png

Requested by

Host: www.skycastle.com.tw
URL: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2019 14:01:55 GMT
server: cloudflare
age: 7111
etag: "5d6537d3-66f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5516d223dec163ad-FRA
content-length: 26352

GET
H2 200 banner.js Show response
www.skycastle.com.tw/bitnami/ 1 KB
476 B 16ms
16ms Script
application/javascript 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/bitnami/banner.js

Requested by

Host: www.skycastle.com.tw
URL: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

acae33d97199201df46b10580a853df8e6aab11262efe1cb7dda14115d925228

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2019 14:01:55 GMT
server: cloudflare
age: 7111
etag: W/"5d6537d3-467"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5516d223dec063ad-FRA

GET
H2 200 Primary Request introduction-message.php Show response
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/ 18 KB
4 KB 1332ms
1332ms Document
text/html 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / PHP/7.3.9

Resource Hash

b5e8ad7b6809c7802a776b382f8552e308566e6f42638c4a00da2215f3264247

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.skycastle.com.tw
:scheme: https
:path: /wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/
accept-encoding: gzip, deflate, br
cookie: __cfduid=dbca46057eb25cf05fa5d78cdb40b56371578409429; PHPSESSID=ilvc9ov5ov0kr2513kkanajg88
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/

Response headers

status: 200
date: Tue, 07 Jan 2020 15:03:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.9
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5516d223fee963ad-FRA
content-encoding: br

GET
H2 200 styles.css
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 14 KB
2 KB 1387ms
1385ms Stylesheet
text/css 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/styles.css

Requested by

Host: www.skycastle.com.tw
URL: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c56ced251f97b6c202f2c1f5b20cac3fd27c5e47680e4f2cc2437607ccb3fa1a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 20 Dec 2019 16:38:22 GMT
server: cloudflare
etag: W/"5dfcf8fe-3741"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5516d22c6a1f63ad-FRA

GET
H2 200 fonts.css
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 1 KB
505 B 1386ms
1384ms Stylesheet
text/css 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/fonts.css?GMjVXaTCMPPxkuAzDScgH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c88950cb8ebf31892bd222c0cfbc56a150d51a69cd664d6af9d1234c57a9fb0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 20 Dec 2019 16:36:28 GMT
server: cloudflare
etag: W/"5dfcf88c-589"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5516d22c6a2363ad-FRA

GET
H2 200 stats.css
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 68 KB
9 KB 1381ms
1379ms Stylesheet
text/css 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/stats.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5154aa6323c1242b81ba79b7c90b09c46954866db4ee97a6c277468779600fb9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 20 Dec 2019 16:56:16 GMT
server: cloudflare
etag: W/"5dfcfd30-11032"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5516d22c6a2563ad-FRA

GET
H2 200 forms.css
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 321 KB
30 KB 1453ms
1452ms Stylesheet
text/css 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/forms.css?ZQdhTnAFAlwONaxYTMemCQhyIf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

057d18b28947d5180c342f9e3846ed6cc1648b87a0cb54dc104f08f9422b1129

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 20 Dec 2019 17:00:14 GMT
server: cloudflare
etag: W/"5dfcfe1e-505e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5516d22c6a2663ad-FRA

GET
H2 200 gov.png
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 1 KB
1 KB 1182ms
1181ms Image
image/png 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/gov.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

203e1db49d3eff430d7dc450ce723c1002542fe1d2bce661b6d8571f14c1043c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:54 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Fri, 20 Dec 2019 07:49:02 GMT
server: cloudflare
etag: "5dfc7cee-419"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5516d22c6a2963ad-FRA
content-length: 1049

GET
H2 200 close.png
www.skycastle.com.tw/bitnami/images/ 2 KB
2 KB 32ms
31ms Image
image/png 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.skycastle.com.tw/bitnami/images/close.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a956724625713474238f82aac8e595f9159987cef6467f9e92f9635b97d5c928

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2019 14:01:55 GMT
server: cloudflare
age: 7113
etag: "5d6537d3-810"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5516d22c6a2b63ad-FRA
content-length: 2064

GET
H2 200 corner-logo.png
www.skycastle.com.tw/bitnami/images/ 26 KB
26 KB 12ms
12ms Image
image/png 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.skycastle.com.tw/bitnami/images/corner-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c2143fd002c6373b832ce377a57a23851209d78a11e21800173ccf1bb4ae986

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2019 14:01:55 GMT
server: cloudflare
age: 7113
etag: "5d6537d3-66f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5516d22c9a6f63ad-FRA
content-length: 26352

GET
H2 200 banner.js Show response
www.skycastle.com.tw/bitnami/ 1 KB
471 B 15ms
15ms Script
application/javascript 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/bitnami/banner.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

acae33d97199201df46b10580a853df8e6aab11262efe1cb7dda14115d925228

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2019 14:01:55 GMT
server: cloudflare
age: 7113
etag: W/"5d6537d3-467"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5516d22c7a3563ad-FRA

GET
H2 200 print.css
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 14 KB
2 KB 1331ms
1331ms Stylesheet
text/css 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/print.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcf5a4e60be61e4091280f73b552ad2bcec5025ff3c4e15be6bae0d99f3aa349

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Fri, 20 Dec 2019 16:37:28 GMT
server: cloudflare
etag: W/"5dfcf8c8-3962"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5516d22cba8563ad-FRA

GET
H2 200 stats-print.css
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 4 KB
1 KB 3254ms
3253ms Stylesheet
text/css 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/stats-print.css?kWOJRBtRuIEVYAnEaTC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

267ae15aad7006617fb583020e34b34c20f712bca7d673452d658576d36e42de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 20 Dec 2019 16:37:46 GMT
server: cloudflare
etag: W/"5dfcf8da-f04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5516d233cbd063ad-FRA

GET
H2 200 footer.css
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 1 KB
470 B 3067ms
3066ms Stylesheet
text/css 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/footer.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1076519521c2fffbbf75ab3b0d3b32ee2d96ac7e9778f1cdfac1771eefd1a1c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/introduction-message.php?freq=new&topic=tx_clam&appID=qRVqkAZKaHfMmbjSfgwMmEduWuveWOgkzUWruHIYcLKaHPNQt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Fri, 20 Dec 2019 07:49:02 GMT
server: cloudflare
etag: W/"5dfc7cee-42e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5516d2350d9263ad-FRA

GET
H2 200 gov.uk_logotype_crown.png
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 1 KB
2 KB 3434ms
3434ms Image
image/png 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/gov.uk_logotype_crown.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea874a79e09423d63420aff44f016fd0b92dc6dec0cc2668d63b150c8669875e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:58 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Fri, 20 Dec 2019 07:48:28 GMT
server: cloudflare
etag: "5dfc7ccc-587"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5516d237390463ad-FRA
content-length: 1415

GET
H2 200 search-button.png
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 540 B
634 B 3450ms
3450ms Image
image/png 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/search-button.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca89b2a79f944909ceb7370d3f0b78811d32b96e883348fcd8886f63dd619585

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/stats.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:58 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Fri, 20 Dec 2019 07:48:32 GMT
server: cloudflare
etag: "5dfc7cd0-21c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5516d237390863ad-FRA
content-length: 540

GET
H2 200 open-government-licence.png
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 761 B
838 B 3441ms
3440ms Image
image/png 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/open-government-licence.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1aedc8257961b938b4c7a21a2b0db3f2716dd9ef782cea73110dc69107c9042

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:58 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Fri, 20 Dec 2019 07:48:28 GMT
server: cloudflare
etag: "5dfc7ccc-2f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5516d237390a63ad-FRA
content-length: 761

GET
H2 200 govuk-crest.png
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 4 KB
4 KB 3449ms
3449ms Image
image/png 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/govuk-crest.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 07 Jan 2020 15:03:58 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Fri, 20 Dec 2019 07:48:28 GMT
server: cloudflare
etag: "5dfc7ccc-e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5516d237390e63ad-FRA
content-length: 3584

GET
H2 200 v1-f38ad40456-light.woff2
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 66 KB
67 KB 3447ms
3446ms Font
font/woff2 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/v1-f38ad40456-light.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b98fe790388f58c950f2bed1ca8ad02fa168d6effa7aae7cb7fee81e51183f46

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/fonts.css?GMjVXaTCMPPxkuAzDScgH
Origin: https://www.skycastle.com.tw

Response headers

date: Tue, 07 Jan 2020 15:03:58 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Fri, 20 Dec 2019 07:48:30 GMT
server: cloudflare
etag: "5dfc7cce-1093c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: font/woff2
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5516d237390b63ad-FRA
content-length: 67900

GET
H2 200 v1-a2452cb66f-bold.woff2
www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/ 54 KB
54 KB 3433ms
3433ms Font
font/woff2 2606:4700:30::681c:1461
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/v1-a2452cb66f-bold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1461 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

be83c947da6c602697be56d5f04bab2074ad9e8e7fe39807f814654fd691d328

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.skycastle.com.tw/wp-content/plugins/apikey/hm-services-acc-uni/adv/scope/fonts.css?GMjVXaTCMPPxkuAzDScgH
Origin: https://www.skycastle.com.tw

Response headers

date: Tue, 07 Jan 2020 15:03:58 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Fri, 20 Dec 2019 07:48:32 GMT
server: cloudflare
etag: "5dfc7cd0-d884"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: font/woff2
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5516d237390c63ad-FRA
content-length: 55428

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UK Government (Government)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hm-gov-university-cam-uk.mgifinc.com
www.skycastle.com.tw
184.168.131.241
2606:4700:30::681c:1461
057d18b28947d5180c342f9e3846ed6cc1648b87a0cb54dc104f08f9422b1129
0c88950cb8ebf31892bd222c0cfbc56a150d51a69cd664d6af9d1234c57a9fb0
1076519521c2fffbbf75ab3b0d3b32ee2d96ac7e9778f1cdfac1771eefd1a1c0
203e1db49d3eff430d7dc450ce723c1002542fe1d2bce661b6d8571f14c1043c
267ae15aad7006617fb583020e34b34c20f712bca7d673452d658576d36e42de
5154aa6323c1242b81ba79b7c90b09c46954866db4ee97a6c277468779600fb9
5c2143fd002c6373b832ce377a57a23851209d78a11e21800173ccf1bb4ae986
933592cc902098039cc6ce6f99365657e30e5dcca0f154f33d9cacdccfb896f5
a956724625713474238f82aac8e595f9159987cef6467f9e92f9635b97d5c928
acae33d97199201df46b10580a853df8e6aab11262efe1cb7dda14115d925228
b5e8ad7b6809c7802a776b382f8552e308566e6f42638c4a00da2215f3264247
b98fe790388f58c950f2bed1ca8ad02fa168d6effa7aae7cb7fee81e51183f46
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
be83c947da6c602697be56d5f04bab2074ad9e8e7fe39807f814654fd691d328
c1aedc8257961b938b4c7a21a2b0db3f2716dd9ef782cea73110dc69107c9042
c56ced251f97b6c202f2c1f5b20cac3fd27c5e47680e4f2cc2437607ccb3fa1a
ca89b2a79f944909ceb7370d3f0b78811d32b96e883348fcd8886f63dd619585
ea874a79e09423d63420aff44f016fd0b92dc6dec0cc2668d63b150c8669875e
fcf5a4e60be61e4091280f73b552ad2bcec5025ff3c4e15be6bae0d99f3aa349

www.skycastle.com.tw Open in urlscan Pro 2606:4700:30::681c:1461 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

236 kBTransfer

628 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.skycastle.com.tw Open in urlscan Pro
2606:4700:30::681c:1461 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

236 kB
Transfer

628 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!